tracee
System monitoring tool
A tool that uses eBPF to monitor system behavior and detect security threats
Linux Runtime Security and Forensics using eBPF
4k stars
53 watching
424 forks
Language: Go
last commit: about 1 month ago
Linked from 2 awesome lists
bpf, docker, ebpf, golang, kubernetes, linux, runtime-security, security
Related projects:
Repository | Description | Stars |
---|---|---|
cilium/tetragon | A real-time security monitoring system that detects and responds to sensitive events using eBPF-based sensors and enriched with kernel and Kubernetes metadata | 3,694 |
alegrey91/harpoon | Tools for tracing and analyzing system calls in user-space functions using eBPF | 92 |
aquasecurity/kube-bench | Automated security auditing tool for Kubernetes clusters | 7,129 |
aquasecurity/kube-hunter | Detects security weaknesses in Kubernetes clusters to increase awareness and visibility of potential vulnerabilities. | 4,774 |
aquasecurity/trivy | A comprehensive security scanner that identifies vulnerabilities and misconfigurations in various targets such as containers, code repositories, and infrastructure | 24,010 |
anchore/syft | Generates detailed visibility into software packages and dependencies to manage vulnerabilities and license compliance. | 6,371 |
anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,970 |
kubescape/kubescape | A platform that analyzes and secures Kubernetes environments throughout the development and deployment lifecycle | 10,292 |
aquasecurity/libbpfgo | A Go library providing an interface to eBPF programs from userspace | 748 |
genuinetools/bpfd | A framework for running BPF programs with rules on Linux as a daemon, allowing for flexible and container-aware tracing and filtering of system events. | 476 |
zegl/kube-score | Analyzes Kubernetes object definitions for security and reliability issues and provides recommendations for improvement. | 2,813 |
kxxt/tracexec | A utility for tracing execve{,at} and pre-exec behavior in programs. | 292 |
owasp/nettacker | Automated tool for identifying vulnerabilities and gathering information about network services and systems. | 3,700 |
linuxserver/docker-swag | An all-in-one web application gateway with Nginx, PHP, and security features | 2,941 |
open-telemetry/opentelemetry-ebpf-profiler | A Linux-based profiler that uses eBPF to profile system calls and CPU cycles in real-time, providing insights into application performance without requiring instrumentation or recompilation. | 2,529 |